<?php
$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["f_photo"]["name"]);
$file_name=rand(100,1000).$_FILES["f_photo"]["name"];
$extension = end($temp);
if ((($_FILES["f_photo"]["type"] == "image/gif")
|| ($_FILES["f_photo"]["type"] == "image/jpeg")
|| ($_FILES["f_photo"]["type"] == "image/jpg")
|| ($_FILES["f_photo"]["type"] == "image/pjpeg")
|| ($_FILES["f_photo"]["type"] == "image/x-png")
|| ($_FILES["f_photo"]["type"] == "image/png"))
&& ($_FILES["f_photo"]["size"] < 800000)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["f_photo"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["f_photo"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["f_photo"]["name"] . "<br>";
    echo "Type: " . $_FILES["f_photo"]["type"] . "<br>";
    echo "Size: " . ($_FILES["f_photo"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["f_photo"]["tmp_name"] . "<br>";

    if (file_exists("../photo/" . $file_name))
      {
      echo $file_name . " already exists. ";
      }
    else
      {
      move_uploaded_file($_FILES["f_photo"]["tmp_name"],
      "../photo/" . $file_name);
      echo "<meta http-equiv='refresh' content='0;URL=../default.php?fn=$file_name'>";
      }
    }
  }
else
  {
  echo "Invalid file";
  }
?>